Secure IoT Systems in Product Lifecycle Information Management

Thumbnail Image
Journal Title
Journal ISSN
Volume Title
School of Science | Doctoral thesis (article-based) | Defence date: 2023-03-24
Degree programme
76 + app. 114
Aalto University publication series DOCTORAL THESES, 26/2023
Existing and upcoming applications of Internet of Things (IoT) show great promise in increasing the level of comfort, efficiency, and automation for human users. These applications require a high-security level to protect users from different types of security threats such as IoT botnets and ransomware. Most of the existing approaches for network security are unable to cope with various limitations of IoT networks, including data heterogeneity and processing power constraints. Although the use of IoT has grown exponentially in recent years, the security of IoT products and users is still often neglected throughout the lifetime of IoT systems. This thesis is one of the first studies that considers IoT security throughout the product lifecycle. Because security is an imperative and ongoing task, it should be started from the earliest stage in the product lifecycle and continued until the final stage. Furthermore, it is vital to ensure the security of not only user clients but also products. However, most current IoT vendors mainly focus on the security requirements of clients, since it is important for them to convince prospective clients that it is safe to adopt their services. For this purpose, the current literature has mostly focused on technologies for safeguarding the security of IoT service clients. Hence, in this thesis, a new security architecture is proposed for IoT that both covers the entire product lifecycle as well as considers product-side and client-side security. By focusing on product-side security, the thesis employs novel machine learning techniques for identifying IoT products in smart environments.
Supervising professor
Främling, Kary, Adj. Prof., Aalto University, Department of Industrial Engineering and Management, Finland
Thesis advisor
Malhi, Avleen, Dr., Bournemouth University, United Kingdom
IoT security, product lifecycle information management, machine learning
Other note
  • [Publication 1]: Narges Yousefnezhad, Avleen Malhi, Kary Främling. Security in product lifecycle of IoT devices: A survey. Journal of Network and Computer Applications, Vol.171, 102779, December 2020.
    Full text in Acris/Aaltodoc:
    DOI: 10.1016/j.jnca.2020.102779 View at publisher
  • [Publication 2]: Narges Yousefnezhad, Avleen Malhi, Tuomas Keyriläinen, Kary Främling. A Comprehensive Security Architecture for Information Management Throughout the Lifecycle of IoT Products. Submitted to IEEE Access, 2022.
  • [Publication 3]: Narges Yousefnezhad, Avleen Malhi, Tuomas Kinnunen, Matti Huotari, Kary Främling. Product Lifecycle Information Management with Digital Twin: A Case Study. In IEEE 18th International Conference on Industrial Informatics (INDIN), pp. 321-326, July 2020.
    Full text in Acris/Aaltodoc:
    DOI: 10.1109/INDIN45582.2020.9442208 View at publisher
  • [Publication 4]: Narges Yousefnezhad, Roman Filippov, Asad Javed, Andrea Buda, Manik Madhikermi, Kary Framling. Authentication and Access Control for Open Messaging Interface Standard. In International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services (Mobiquitous 2017), Melbourne, Australia, pp. 20-27, November 2017.
    Full text in Acris/Aaltodoc:
    DOI: 10.1145/3144457.3144461 View at publisher
  • [Publication 5]: Narges Yousefnezhad, Manik Madhikermi, Kary Främling. MeDI: Measurement-based Device Identification Framework for Internet of Things. In IEEE 16th International Conference on Industrial Informatics (INDIN), Porto, Portugal, pp. 95-100, July 2018.
    Full text in Acris/Aaltodoc:
    DOI: 10.1109/INDIN.2018.8472080 View at publisher
  • [Publication 6]: Narges Yousefnezhad, Avleen Malhi, Kary Främling. Automated IoT Device identification based on full packet information using real-time network traffic. Sensors, vol.21, n.8, April 2021.
    Full text in Acris/Aaltodoc:
    DOI: 10.3390/s21082660 View at publisher